https://supertokens.com/ logo
#support-questions
Title
# support-questions
s

sharma

06/02/2022, 3:34 AM
UserContext
vs
UserMetadata
which one to choose for user profile data such as timezone, address, etc.?
n

nkshah2

06/02/2022, 3:35 AM
Hi, So if you want any information to be stored for a given user you should use user UserMetaData
s

sharma

06/02/2022, 3:48 AM
What are the use cases for
UserContext
?
n

nkshah2

06/02/2022, 3:51 AM
The documentation probably explains it best, but it’s a way to make the override feature more powerful.
s

sharma

06/02/2022, 3:57 AM
I assume that the only fields stored during signup are email and password. If I have to add common fields such as "name", I should override
signupPost
and from there, I should call
UserMetadata.updateUserMetadata(userId, { name: "John Doe" });
n

nkshah2

06/02/2022, 5:18 AM
Yep thats correct, the signin/up functions (both frontend and backend) support custom fields and then you would use the
UserMetaData
to store the information
s

sharma

06/02/2022, 8:52 AM
Follow up question I want this information(name, timezone, etc.) on all the pages so that I can show it in the menu bar. When I'm storing this info, I'm making usermetadata request on every page. Is there any more effective way to do this? My first instict goes to either storing this info in the token payload or the session info, how can I do that?
@nkshah2
n

nkshah2

06/02/2022, 9:45 AM
Right on the backend you can add the information to the access token payload
You can then access it on the frontend using
getAccessTokenPayloadSecurely
s

sharma

06/02/2022, 12:14 PM
how to add info to token payload?
n

nkshah2

06/02/2022, 12:14 PM
Theres a couple ways to do that, what recipe are you using?
s

sharma

06/02/2022, 12:14 PM
email password for now
later I'd add thirdpartyemail for social login as well
n

nkshah2

06/02/2022, 12:16 PM
Ah Id recommend using thirdpartyemailpassword recipe instead then and just enable third party later. But to add to access token payload you can follow this doc: https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/sessions/update-jwt-payload
If you want to add info to the access token on session creation you can follow this one instead: https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/sessions/new-session
s

sharma

06/02/2022, 12:19 PM
Ok. I assume this token/session info update is not saved in db so in order to persist this info we should first updater userMetaData and then get the userMetaData and update session/token info at the time of login. Is this right?
n

nkshah2

06/02/2022, 12:21 PM
If you add it to the access token payload then it is persisted (so that the payload remains the same when the access token is refreshed)
So depending on how you want to use it, adding it to the access token payload is enough
But because there is a limit to cookie size, if you want to store a lot of information we recommend user meta data instead
s

sharma

06/02/2022, 12:24 PM
and when we sign out and login again, I should add the info again to the token?
n

nkshah2

06/02/2022, 12:24 PM
Yep
user meta data gets stored against the specific user so it is more suited to information that needs to be stored forever
You can do that and then add the specific info you need on your frontend to the access token payload as well
s

sharma

06/02/2022, 12:31 PM
Thank you. Let me do that
I guess the right place to do this would be signin override?
n

nkshah2

06/02/2022, 12:45 PM
Youd need this in sign up as well
s

sharma

06/02/2022, 1:54 PM
This is what I have done now. I am calling following fn in
signInPost
and
signUpPOST
override
Copy code
async function storeUserMetaDataInTokenPayload(session, user) {
  let userMetaData = await UserMetadata.getUserMetadata(user.id);
  let currAccessTokenPayload = session.getAccessTokenPayload();
  console.debug("currAccessTokenPayload: " + JSON.stringify(currAccessTokenPayload));
  let accessTokenPayloadWithMetadata = Object.assign({}, userMetaData ? userMetaData.metadata : null, currAccessTokenPayload, userInfo);
  console.debug("accessTokenPayloadWithMetadata: " + JSON.stringify(accessTokenPayloadWithMetadata));
  await session.updateAccessTokenPayload(accessTokenPayloadWithMetadata);
}
And then I have a middleware for session verification on the backend where on successful session verification, I do this
req.user = session.getAccessTokenPayload()
. So now, I can access all user info via
req.user
on backend and in the token payload on the frontend.
Do you have any feedback for this?
n

nkshah2

06/03/2022, 5:29 AM
Yeah that looks good